Fitness trackers could benefit from better security, study finds

The security of wearable fitness trackers could be improved to better protect users' personal data, a study suggests.

Vulnerabilities in the devices - which track heart rate, steps taken and calories burned - could threaten the privacy and security of the data they record, scientists say.

Exploiting security weak spots in the communication procedures of some gadgets could allow unauthorised sharing of personal data with third parties. These include online retailers and marketing agencies, the team says.

A team at the University of Edinburgh carried out an in-depth security analysis of two popular models of wearable fitness trackers made by Fitbit.

The researchers discovered a way of intercepting messages transmitted between fitness trackers and cloud servers - where data is sent for analysis. This allowed them to access personal information and create false activity records.

The team also demonstrated how the system that keeps data on the devices secure - called end-to-end encryption - can be circumvented. By dismantling devices and modifying information stored in their memory, researchers bypassed the encryption system and gained access to stored data.

Researchers have produced guidelines to help manufacturers remove similar weaknesses from future system designs to ensure users' personal data is kept private and secure.

In response to the findings, Fitbit has developed software patches to improve the privacy and security of its devices.

The findings will be presented at the International Symposium on Research in Attacks (RAID) on 18-20 September. The research was carried out in collaboration with Technische Universitat Darmstadt, Germany, and the University of Padua, Italy. The Edinburgh researchers were part-funded by the Scottish Informatics and Computer Science Alliance.

Dr Paul Patras, of the University of Edinburgh's School of Informatics, who took part in the study, said: "Our work demonstrates that security and privacy measures implemented in popular wearable devices continue to lag behind the pace of new technology development. We welcome Fitbit's receptiveness to our findings, their professional attitude towards understanding the vulnerabilities we identified and the timely manner in which they have improved the affected services."

Study applies game theory to genomic privacyA new study from Vanderbilt University presents an unorthodox approach to protect the privacy of genomic data, showing how optimal trade-offs between privacy risk and scientific utility can be struck as genomic data are released for research.

Children's health and privacy at risk from digital marketingFor the first time, researchers and health experts have undertaken a comprehensive analysis of the concerning situation in the World Health Organisation European Region regarding digital marketing to children of foods high in fats, salt and sugars

System helps protect privacy in genomic databasesIn the latest issue of the journal Cell Systems, researchers from MIT's Computer Science and Artificial Intelligence Laboratory and Indiana University at Bloomington describe a new system that permits database queries for genome-wide association studies but reduces the chances of privacy compromises to almost zero.

We live more and more of our lives online; we rely on the internet as we work, correspond with friends and loved ones, and go through a multitude of mundane activities like paying bills, streaming videos, reading the news, and listening to music. Without thinking twice, we operate with the understanding that the data that traces these activities will not be abused now or in the future. There is an abstract idea of privacy that we invoke, and, concrete rules about our privacy that we can point to if we are pressed. Nonetheless, too often we are uneasily reminded that our privacy is not... View Details

This textbook, at nearly 500 pages, will explain how to become digitally invisible. You will make all of your communications private, data encrypted, internet connections anonymous, computers hardened, identity guarded, purchases secret, accounts secured, devices locked, and home address hidden. You will remove all personal information from public view and will reclaim your right to privacy. You will no longer give away your intimate details and you will take yourself out of 'the system'. You will use covert aliases and misinformation to eliminate current and future threats toward your... View Details

Some would argue that scarcely a day passes without a new assault on our privacy. In the wake of the whistle-blower Edward Snowden's revelations about the extent of surveillance conducted by the security services in the United States, Britain, and elsewhere, concerns about individual privacy have significantly increased. The Internet generates risks, unimagined even twenty years ago, to the security and integrity of information in all its forms.

The manner in which information is collected, stored, exchanged, and used has changed forever; and with it, the character of the threats to... View Details

Privacy is one of the most important concepts of our time, yet it is also one of the most elusive. As rapidly changing technology makes information increasingly available, scholars, activists, and policymakers have struggled to define privacy, with many conceding that the task is virtually impossible.

In this concise and lucid book, Daniel J. Solove offers a comprehensive overview of the difficulties involved in discussions of privacy and ultimately provides a provocative resolution. He argues that no single definition can be workable, but rather that there are multiple forms of... View Details

Body scans at the airport, candid pics on Facebook, a Twitter account for your stray thoughts, and a surveillance camera on every street corner -- today we have an audience for all of the extraordinary and banal events of our lives. The threshold between privacy and exposure becomes more permeable by the minute. But what happens to our private selves when we cannot escape scrutiny, and to our public personas when they... View Details

Digital data collection and surveillance gets more pervasive and invasive by the day; but the best ways to protect yourself and your data are all steps you can take yourself. The devices we use to get just-in-time coupons, directions when we’re lost, and maintain connections with loved ones no matter how far away they are, also invade our privacy in ways we might not even be aware of. Our devices send and collect data about us whenever we use them, but that data is not safeguarded the way we assume it would be.

Privacy is complex and personal. Many of us do not know the full... View Details

"He was the most important scholar of privacy since Louis Brandeis."Jeffrey Rosen

In defining privacy as the claim of individuals to determine for themselves when, how and to what extent information about them is communicated,” Alan Westin’s 1967 classic Privacy and Freedom laid the philosophical groundwork for the current debates about technology and personal freedom, and is considered a foundational text in the field of privacy law.

By arguing that citizens retained control over how their personal data was used, Westin redefined privacy as an individual... View Details

Privacy: A Short History provides a vital historical account of an increasingly stressed sphere of human interaction. At a time when the death of privacy is widely proclaimed, distinguished historian, David Vincent, describes the evolution of the concept and practice of privacy from the Middle Ages to the present controversy over digital communication and state surveillance provoked by the revelations of Edward Snowden.

Deploying a range of vivid primary material, he discusses the management of private information in the context of housing, outdoor spaces, religious... View Details

In this forceful short book, technology guru and author of the best-selling Social Media is Bull (St. Martins Press) B.J. Mendelson exposes the crude reality behind the smiley face of internet networking: data trading. We are all auctioning our personal information, the book argues, to the highest bidder. Mendelson discusses the end of privacy from a contemporary perspective, including chapters on: Metadata and its uses Data auctions The Internet of Things The use of social media for surveillance and suppression Just how safe is Cloud technology The Big Business of Big Data... View Details

Best Science Podcasts 2018

Peering Deeper Into SpaceThe past few years have ushered in an explosion of new discoveries about our universe. This hour, TED speakers explore the implications of these advances â and the lingering mysteries of the cosmos. Guests include theoretical physicist Allan Adams, planetary scientist Sara Seager, and astrophysicists Natasha Hurley-Walker and Jedidah Isler.

#461 AdhesivesThis week we're discussing glue from two very different times. We speak with Dr. Jianyu Li about his research into a new type of medical adhesive. And Dr. Geeske Langejans explains her work making and investigating Stone Age and Paleolithic glues.